ePubs
The open archive for STFC research publications
Home
About ePubs
Content Policies
News
Help
Privacy/Cookies
Suggest an Enhancement
Contact ePubs
Full Record Details
Persistent URL
http://purl.org/net/epubs/work/49763
Record Status
Checked
Record Id
49763
Title
Efficiently detect conflicts between attribute-based access control policy rules with rule reduction and binary-search techniques
Contributors
C Shu (ICT)
,
EY Yang (STFC Rutherford Appleton Lab.)
,
AE Arenas (STFC Rutherford Appleton Lab.)
Abstract
Attribute-based access control(ABAC) policies are effective and flexible in governing the access to information and resources in open computing environments. However, ABAC policy rules are often complex making them prone to conflicts. The complexity of dealing with ABAC rules arises from using multiple attributes to describe subjects and objects. This paper proposes an optimized method to detect the conflicts between statistically conflicting rules in an ABAC policy. This method includes two optimization techniques: rule reduction and binary-search. The first technique reduces the rules into a set of compact, semantically equivalent rules through removing redundant information among the rules. The binary-search technique is then applied to discover the conflicts among them. We also detail the algorithms used by these techniques to achieve the optimized performance. The time complexity for the proposed method is O(nlgn), where n is the number of rules in a policy. This is achieved at a cost of less than two times runtime space increase. The experimental studies have shown that a) our method can detect statically-conflicting rules in near linear time cost proportional to the number of rules; and b) achieve good scalability, as shown, by efficiently detecting the conflicts in an ABAC policy containing over 20,000 rules.
Organisation
ESC
,
ESC-IM
,
STFC
Keywords
Policy Analysis
,
Attribute-Based Access Control
,
Engineering
,
Policy Conflicts
Funding Information
Related Research Object(s):
Licence Information:
Language
English (EN)
Type
Details
URI(s)
Local file(s)
Year
Report
XtreemOS Report. 2009.
abac_conflicts.pdf
2009
Showing record 1 of 1
Recent Additions
Browse Organisations
Browse Journals/Series
Login to add & manage publications and access information for OA publishing
Username:
Password:
Useful Links
Chadwick & RAL Libraries
SHERPA FACT
SHERPA RoMEO
SHERPA JULIET
Journal Checker Tool
Google Scholar